Palo Alto Networks releases new App-IDs every month and the LIVEcommunity wants to make sure you're up to date. Take some time to review the App-IDs for this month and decide if you need to update your security policies. Get answers on LIVEcommunity.
New App-IDs for January 2020
It's time to recap all of the new APP-IDs for January 2020. We have added 10 new apps just for the January 22nd update. With the popularity of streaming applications, we have added new apps for AppleTV+ and Disney+. We have even added a new app for the popular Overwatch game.
Below is a list of new applications that will be available with the Applications and Threats content release on January 22, 2020*.
Here are some ways you can use this information:
Find out if you will get visibility and control for an application that is heavily used in your environment.
Determine whether a new functional App-ID for an existing application affects your security policy structure.
New Applications (10)
Previously Identified As
Apple TV+ is an over-the-top, ad-free subscription video on-demand web television service of Apple Inc. AppleTV+ content is viewable through Apple's website and through Apple's TV app. This App-ID covers the streaming traffic of AppleTV+
http-video, ssl, web-browsing
Disney+ is the on-demand, ad-free streaming service. With Disney+, subscribers can watch thousands of Disney movies and series from their devices (smart TVs, phones, laptops, tablets, and gaming consoles). The service includes unlimited downloads, so users can watch anywhere, anytime. This App-ID covers the streaming traffic of Disney +.
http-audio, http-video, ssl, web-browsing
Houseparty is a social networking service that enables group video chatting through mobile and desktop apps. This App-ID covers the traffic of Houseparty on Chrome and mobile platforms.
rtcp, ssl, stun, web-browsing, websocket
Overwatch is an online team-based game generally played as a first-person shooter video game. The game features several different game modes that are principally designed around squad-based combat with two opposing teams of six players each. This App-ID identifies the Overwatch game traffic from Windows client.
battle.net, ssl, unknown-tcp, unknown-udp
Zero Touch Provisioning service streamlines initial deployment processes by allowing network administrators to ship devices directly to their branches without the need of specialized IT staff to provision the device. This App-ID covers the ZTP service traffic for Palo Alto Networks devices.
The Certificate Management Protocol (CMP) is an internet protocol used for obtaining X.509 digital certificates in a public key infrastructure (PKI). It is described in RFC 4210.
The Ring Video Doorbell is a smart doorbell that contains a high-definition camera, a motion sensor, and a microphone and speaker for two-way audio communication.
rtcp, rtp-base, ssl, stun, web-browsing
traceroute is a computer network diagnostic tool for displaying the route (path) and measuring transit delays of packets across an Internet Protocol (IP) network. traceroute outputs the list of traversed routers in simple text format, together with timing information. Traceroute is available on most operating systems. This App-ID covers the traceroute over IPv6.
Universal Data mover is a managed file transfer solution. UDM monitors data availability, transfers data from any platform in any format in a secure, reliable, and regulatory way. The App-ID covers traffic between the UDM manager and the local server hosted on a Windows machine.
Web Services Dynamic Discovery (WS-Discovery) is a technical specification that defines a multicast discovery protocol to locate services on a local network. It operates over TCP and UDP port 3702 and uses IP multicast address 18.104.22.168. As the name suggests, the actual communication between nodes is done using web services standards, notably SOAP-over-UDP. This App-ID covers WS-Discovery's communication between nodes using SOAP-over-UDP over port 3702.